Some ASN1 objects stored on some smartcards (for instance the
IASECC/CPX ones) do not comply strictly with the rules
8.6.2.3 and 8.6.2.3 from the ITU.
Since these rules are not some strict ones, let's have a loose
decoding option that can be displayed by the command:
opensc-explorer
asn1 7001 # for instance
Fix: issue #2224
The negative integers were parsed uterly wrong, resulting in undefined
shift overflows as reported by oss-fuzz.
The current implementation takes negated values (properly masked) and
calculates two's complement in the end, which results in correct values
and correct data handling.
https://oss-fuzz.com/testcase-detail/5125815506829312
Reported by clang analyzer:
src/libopensc/asn1.c:2115:14: warning: The right operand of '<' is a garbage value [clang-analyzer-core.UndefinedBinaryOperatorResult]
if (halflen < r_len || halflen < s_len) {
We can't check for `tag == SC_ASN1_TAG_EOC` directly, because this
would also be true for a tag of 0x80 (with `class ==
SC_ASN1_CLASS_CONSTRUCTED`). So what we do is we check for the output
buffer to be NULL!
fixes https://github.com/OpenSC/OpenSC/issues/1273
- fixed printing tags on multiple bytes
- align indenting with raw tags
- use OpenSSL's human readable OID database
- only print the canonical names for universal tags
Since "Add GCC format checking attributes to log functions" commit GCC
warns us about problems with format strings and their arguments provided
to OpenSC message logging functions.
This commit fixes all cases where GCC warned about incorrect format on
64-bit Linux, 32-bit and 64-bit mingw builds (with SM and OpenSSL enabled).
Well, almost all since on mingw GCC does not recognize "ll" size specifier
(present at least since Visual Studio 2005, also in mingw own CRT) so these
(few) warnings about it remain.
In most cases format size specifier for size_t type was missing (usually
size was left at default int level, with is different on 64-bit x86).
Some formats had too few / too many arguments.
In some cases pointers were printed as integers.
Some long variables were missing "l" prefix (especially with regard to %x
format).
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
3 bytes is the size of SC_ASN1_TAG_MASK used when composing
the asn1 templates with 'struct sc_asn1_entry'.
With this limitation maximal supported ASN.1 tag number is 2^^14-1 .
Fixed 'dead-code' coverity-scan issue.
Close#707
For ECDSA signatures, there are multiple ways to format the signature:
- R|S (R and S filled with zeroes at the most significant bytes)
- ASN1 sequence of R,S integers (e.g. used by OpenSSL).
It is rare that the filling with zeroes is needed.
But if it is, in the second case, the filling zeroes should not be there
or the verification of the signature by OpenSSL will fail.